VUPEN Security Research - Microsoft Windows OpenType CFF Driver Stack Overflow Vulnerability (CVE-2011-0034)

VUPEN Security Research - Microsoft Windows OpenType CFF Driver Stack Overflow Vulnerability CVE-2011-0034 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Windows is a series of software operating systems and graphical user interfaces produced by Microsoft...

CVE-2011-0034

Stack-based buffer overflow in the OpenType Compact Font Format aka OTF or CFF driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary cod...

Immunity Canvas: MS11_032

Name| ms11032 ---|--- CVE| CVE-2011-0034 Exploit Pack| CANVAS Description| MS11-032 Privilege Escalation Exploit Notes| Repeatability: Notes: Tested on Windows XP SP3 x86, Windows 2003 SP2 x86/64, Windows 2008 x86/64, Windows 7 x86/64. VENDOR: Microsoft CVE Url:...

CVE-2011-0034

The CVE-2011-0034 issue is a stack overflow in the OpenType Compact Font Format (CFF) driver (ATMFD.dll) in Microsoft Windows. It can be triggered by crafted OpenType fonts and allows remote attackers to execute arbitrary code on affected systems. Affected Windows versions include Windows XP SP2/...